On Sat, Jul 07, 2001 at 11:18:47AM +0800, Pablo Manalastas wrote:
> Why do most individuals advertise their PGP/GPG
> public keys. Why not OpenSSL public keys instead?
> OpenSSL has the advantage of working transparenty with
> Netscape mail. PGP/GPG requires that additional tools
> be installed. Am I missing some point here?
>
> Most webservers use (Open)SSL server certificates.
> Why can't individuals use OpenSSL public/private
> keys/certificates?
I think it's due to the different trust model.
PGP - distributed "guerilla" approach where you auth against each other
over the phone (reading the key fingerprint) or at keysigning parties.
SSL - centralized model where a trusted key needs to be signed by Verisign/
Thawte/some other Certificate Authority.
--
http://www.internet.org.ph
Philippine Internet Resources
_
Philippine Linux Users Group. Web site and archives at http://plug.linux.org.ph
To leave: send "unsubscribe" in the body to [EMAIL PROTECTED]
To subscribe to the Linux Newbies' List: send "subscribe" in the body to
[EMAIL PROTECTED]
